[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] tor vulnerabilities?

To: Georgi Guninski <guninski@xxxxxxxxxxxx>
Subject: Re: [Full-disclosure] tor vulnerabilities?
From: coderman <coderman@xxxxxxxxx>
Date: Wed, 3 Jul 2013 11:04:45 -0700

On Wed, Jul 3, 2013 at 7:34 AM, Georgi Guninski <guninski@xxxxxxxxxxxx> wrote:
> ...
> I see no reason to trust tor.
>
> How do you disprove that at least (say) 42% of the tor network
> is malicious, trying to deanonymize everyone and logging
> everything?

end to end privacy is orthogonal to anonymity, however, exit nodes
imply risks most users aren't familiar with or accustomed to.  does
this mean Tor is useless?
  No - but it must be used with care, certainly.

> Or maybe some obscure feature deanonymize in O(1) :)

these bugs are short lived but do happen from time to time...  my
favorite will always be CVE-2007-4174  *grin*

next generation low latency anonymity networks are a fun area of
research and suited to interesting attacks. you could help build and
break them when you're sufficiently sated with vague criticisms.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Follow-Ups:
- Re: [Full-disclosure] tor vulnerabilities?
  - From: Georgi Guninski

References:
- Re: [Full-disclosure] tor vulnerabilities?
  - From: Georgi Guninski

Prev by Date: Re: [Full-disclosure] tor vulnerabilities?
Next by Date: Re: [Full-disclosure] DDoS attacks via other sites execution tool
Previous by thread: Re: [Full-disclosure] tor vulnerabilities?
Next by thread: Re: [Full-disclosure] tor vulnerabilities?
Index(es):
- Date
- Thread